Android Security: First Drive-By Malware Site Reported

After looking through my newsfeed, I've come across two stories dealing with malware. First, gizmodo.com reports that Android devices can now be infected with the malware called "NotCompatible" just by visiting a site (such an attack is known as a drive-by attack in data security parlance). Second, wsj.com reports on a Symante finding that religious sites are more infectious than porn sites.

First Drive-By Malware for Android

However, this attack is only viable if "an Android device that isn't fully patched visits one of these sites." Before you decide to breathe a sigh of relief, though, take into consideration that many Android phone manufacturers are slow in updating whatever fork of Android OS they've decided to use. In the mobile device world, sometimes it's just impossible to get the adequate level of security even if you are a conscientious patch updater.

The real silver-lining is that

This threat does not currently appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy. [gizmodo.com]

There is an easy way to protect yourself: turn off the "install from unknown sources" option. The problem with this option, of course, is that it will also affect legitimate, bona fide sites.

Gizmodo also recommends the use of mobile antivrus apps (no argument from me there).

Religious Sites More Harmful Than Porn Sites

The other story: The Wall Street Journal reports that the most harmful sites, "in terms of risk from malware infection," are religious websites. A study by Symantec found 115 threats, on average, at religious sites whereas porn site had an average of 25 threats per site.

Other highlights from the report by Symantec (per wsj.com):

Threats to mobile devices, almost exclusively on the Android platform, is growing. The threat, however, is tiny when compared to the PC environment (403 million vs. 4,000).

Half of targeted attacks are directed to organizations with fewer than 2,500 employees. Companies with 250 employees or less were targeted 18% of the time.

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading
provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing
support of the AlertBoot disk encryption managed service.
Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts
University in Medford, Massachusetts, U.S.A.